<?php
  /*
   +--------------------------------------------------------------------------
   |   phpBIZ v3.0  full version
   |   ========================================
   |   by taft@wjl.cn yejun@wjl.cn
   |   http://www.phpbiz.cn http://www.wjl.cn
   |   all rights reserved
   +---------------------------------------------------------------------------
   |
   |   > 最后修改日期：2005-4-30 2006-2-8
   |
   +--------------------------------------------------------------------------
  */
!class_exists('Debug') && exit('Forbidden');
$idx = new forget;

class forget
{
  function forget()
  {
    global $INCOME,$BIZ;

    $tmp_in = array_merge( $_GET, $_POST, $_COOKIE );
				
    foreach ( $tmp_in as $k => $v )
      {
	unset($$k);
      }

    switch( $INCOME[code] )
      {
      case '00':

      case '01':
	$this -> process();
      }

    $BIZ -> output('Forget.tpl');

  }

  function process()
  {
    global $DB,$BIZ,$INCOME;

    $rs = $DB -> db_once("select seller_question,seller_id from biz_seller where seller_logaccount = '".$INCOME['account']."'");

    $BIZ -> assign ("question",$rs['seller_question']);
    $BIZ -> assign ("account",$INCOME['account']);

    if($INCOME['Submit'])
      {
	$rs2 = $DB ->db_once("select count(*) as ct from biz_seller where seller_id='".$rs['seller_id']."' AND seller_answer='".$INCOME['ans']."' AND seller_email_address ='".$INCOME['email']."'");
	if($rs2['ct']==0)
	  $BIZ -> error("回答问题或提供的email出错！");
	else if($rs2['ct']==1)
	  {   
	    if($INCOME['newpass']=='' || $INCOME['newpass']==0)
	      $BIZ -> error("密码不能为空！");
	    $mdpwd = md5($INCOME['newpass']);
	    $DB -> db_once("UPDATE biz_seller SET seller_password = '$mdpwd' WHERE seller_id = '".$rs['seller_id']."'");
	    $BIZ -> redirect_screen("密码修改成功！");
	  }
	else
	  $BIZ -> error("未知错误！");
      }
		
  }

}
?>